General Ledger Controls Risk Assessment Internal Control Checklist
Completed by: Date Completed:
Question 1.
Does the financial institution have written statements of policies and procedures covering standard chart of accounts, entry preparation, institution-wide coding instructions, and authorization levels?
2.
Does the financial institution perform periodic verification of required management approvals and user approvals of new systems and procedures, as well as changes in systems, procedures, and programs?
3.
Does the financial institution have written procedures for requesting and approving changes in the chart of accounts?
4.
Does the financial institution require all non-recurring entries to be supported by journal vouchers and adequate documentation?
5.
Is there review and approval of each non-recurring journal entry by appropriate supervisory personnel who did not participate in its preparation?
6.
Does the financial institution have a master file of standard entries and established procedures for adding to, changing, or deleting from the master file of standard entries?
7.
Does the financial institution perform a review by the appropriate supervisory personnel of online access log profiles to assist in determining the propriety of changes to the master file?
8.
Does the financial institution perform reconciliations of the general ledger balances with the subsidiary ledger balances and trial balances?
9.
Does the financial institution have supervisory review of the reconciliation of the general ledger balances with subsidiary ledger balances and trial balances with follow-up on any unusual items?
Yes
No
Comments
10. Does the financial institution have documented procedures for initiating, reviewing, and approving entries? 11. Does the financial institution perform periodic inspection of processed entry forms for proper completion and authorized signatures?
Finance/Accounting
F13-1
General Ledger Controls Risk Assessment Internal Control Checklist (cont.)
Question
Yes
No
Comments
12. Do financial institution personnel review approval prior to posting? 13. Are reconciling items of suspense accounts aged, and is there a charge off policy for “old” reconciling items? 14. Do supervisory personnel who did not actively participate in its preparation check and approve each entry? 15. Does the financial institution have authorized signature files indicating senior management’s designation of the specific individuals who may approve certain entries? 16. Does the designated official approve all significant or unusual journal entries? 17. Does the designated official review the result of followup on the missing journal entry vouchers? 18. Does the financial institution compare critical details of each entry with established criteria; this may be done manually or by computer-validation techniques? 19. Do supervisory personnel review exception reports that identify entries that do not meet established criteria? 20. Do supervisory personnel periodically compare entry amounts with source data? 21. Does the financial institution use detailed cut-off and closing schedules showing due dates and the individual responsible for various categories of entries? 22. Does the financial institution compare totals posted to the general ledger with predetermined totals? 23. Does the financial institution use check-off control sheets to check actual entries against the closing schedule? 24. Does the financial institution limit access to computerbased files or data through the use of database management systems facilities or through passwords or physical controls over online terminals? 25. Does the financial institution have close supervision of employees and files by supervisory personnel? 26. Does the financial institution have policy statements, procedure manuals, organization charts, and/or other documentation that: a.
F13-2
List the balances, reports, activities, policies, and procedures that are to be substantiated and evaluated, when they are to be substantiated and evaluated, and who will supervise the activity?
Finance/Accounting
General Ledger Controls Risk Assessment Internal Control Checklist (cont.)
Question b.
Describe how the substantiation and evaluation should be performed (for example, audit software, trace balance back to supporting documentation, review reasonableness, and discuss orally)?
c.
Describe how the results of the review should be documented and to whom they should be communicated?
Yes
No
Comments
27. Does the financial institution have controls used to detect errors and omissions, to the extent not already performed in the other cycles, such as: a.
Reconciliation of recorded balances and activities with balances and activities reported by customers (e.g., reconciliation of recorded investment balances, loan balances, and deposit balances with customer confirmations)?
b.
Prompt follow-up on complaints?
c.
Reconciliation of general ledger balances with subsidiary ledger balances?
d.
Periodic verification of activity reports with underlying documentation?
e.
Periodic physical counts of cash, investment securities, loan notes, property, and reconciliation to recorded amounts?
f.
Comparison of recorded amounts with subsequent transactions or predicted amounts?
g.
Periodic verification of recorded balances by reference to outside sources of information?
28. Does the financial institution perform supervisory review of the reconciliation of general ledger balances with subsidiary ledger balances, and follow up on unusual items? 29. Does the financial institution compare the amounts of recurring entries from period to period? 30. Does the financial institution perform periodic verification of intangible assets, deferred charges, and related account recorded balances and activity by reference to outside sources of information, including vouching significant additions by reference to invoices, contracts, agreements, or other supporting documentation? 31. Does the financial institution compare this year’s supplemental disclosures to prior-year financial statements, minutes of board of director’s and shareholders’ meetings, and new regulatory pronouncements?
Finance/Accounting
F13-3
General Ledger Controls Risk Assessment Internal Control Checklist (cont.)
Question
Yes
No
Comments
32. Does the financial institution have the supplementary disclosures reviewed by legal counsel and other experts? 33. Does the financial institution have written statements of data-gathering procedures so subsidiaries and departments can report the necessary data promptly and accurately? 34. Does the financial institution have supervisory review of disclosure data gathered? 35. Does the financial institution have established procedures for checking (referencing) reported information to source documentation and for verifying clerical accuracy by one or more individuals who did not actively participate in gathering or summarizing the underlying data? 36. Does the financial institution have written procedures regarding translation and consolidation activities? 37. Does the financial institution have standard reporting and consolidation formats for subsidiaries and branches? 38. Does the financial institution have supervisory review of a regular reporting schedule and check-off sheets to compare reports received with those required? 39. Does the financial institution use standard “interco” general ledger accounts for all intercompany transactions that may need to be eliminated? 40. Does the financial institution have standard consolidation elimination and reclassification entries? 41. Does the financial institution have supervisory comparison of number and amounts of reclassification and elimination entries for the current period with the prior period? 42. Does the financial institution have a comprehensive policy statement in place, approved by the board of directors, which states the institution’s philosophy regarding the assumption and management of interest rate risk? 43. Does the financial institution perform periodic reevaluation of the ALM policy to ensure continued consistency with management’s criteria, with enhancements, or revision being approved by the ALM committee? 44. Does the financial institution have the ALM committee approve portfolio changes prior to execution of transactions?
F13-4
Finance/Accounting
General Ledger Controls Risk Assessment Internal Control Checklist (cont.)
Question
Yes
No
Comments
45. Does the financial institution perform a comparison of tax reserves with known requirements plus estimated requirements for contingencies by internal and/or external tax specialists? 46. Does the financial institution perform, by a designated official, a review of results of comparisons and checks on reasonableness? 47. Does the financial institution have controls to provide reasonable assurance that recorded balances are evaluated realistically, to the extent not already performed in the other cycles, which include: a.
Analysis of key ratios, trends, and variances?
b.
Periodic comparison of recorded amounts with market values?
c.
Periodic reviews of formulae used for accruals, write-offs, and realization?
d.
Comparison of results with industry trends?
e.
Legal, legislative, and economic reporting services?
f.
Periodic review of loan status by someone other than the loan officer?
48. Does the financial institution budget and report according to the same chart of accounts, and is analysis performed of significant variances between actual and planned account balances?
Finance/Accounting
F13-5
General Ledger Controls Risk Assessment Internal Control Checklist (cont.)
F13-6
Finance/Accounting
